Partnership With Chinese App Store Shines A Light On The Hidden World Of Jailbreak Groups

Jailbreak releases for new iOS products are major events. In the early years, release teams would celebrate major holidays with a new jailbreak or SIM unlock and millions of anxious users would rush for the latest software. Much has stayed the same – the excitement, the rush to jailbreak. But something has changed: jailbreaks have become big business. Take Evasi0n, for example . After launching an iOS 7 jailbreak users found that, on computers with the language set to Chinese, the program automatically installed a program called TaiG (Tai-Gi or Tai Chi). This Chinese app store offered Chinese-language apps but a little something extra, as well: pages and pages of cracked, pirated games. The group made “around a million dollars” in placement fees for adding TaiG to Chinese iPhones. While the actual number is currently unknown, my source explained that the rumors were true and that the fee was well within that “order of magnitude.” The Evasi0n team , for their part, responded online to allegations that they had been paid to put pirated app stores on users’ phones. Yes, we have benefitted financially from our work, just as many others in the jailbreak community have, including tweak developers, repo owners, etc. Any jailbreak from us will always be free to the users but we believe we have a right to be compensated in an ethical way, just as any other developer. However, the interests of the community will always be the most important thing to us. When releasing the jailbreak, we pledged all our donations to foundations supporting the interests of the community. We are deeply upset at how we have inadvertently distressed the community and we are focused on fixing it. “We are very upset that despite our agreement and review by their team, piracy was found in the store. It was not acceptable and they have been strenuously working to resolve the problem in good faith, and have removed all instances of it that we have brought to their attention,” they wrote. “The jailbreak works and people should use it,” said Jay Freeman aka saurik , creator of Cydia , a popular “feature store” that allows users to shop for tweaks and updates to their iPhone’s OS. “The thing that bugs me [about TaiG] is there’s tons of piracy in it. We’re not about piracy. It used to be that if you wanted to pirate you did have to jailbreak. That’s no longer the case. But people still look at us we’re those pirate assholes,” said Freeman. Jailbreaking is a business now. Saurik himself makes a living off of having his app installed on jailbroken phones and the Evasi0n team, among others, make money selling space in their apps. In short, things have come a long way since the lone hacker spent time cracking iOS in his spare time. What does the TaiG partnership mean? Very little, in the long run. Even George Hotz aka Geohot, a well-known early iPhone jail breaker, attempted to sell his own jailbreak technique to unidentified buyers for $350,000 to a commercial customer. In the end, Evasi0n released theirs for free, heading potential for-pay jail breakers off at the pass. That they made money for adding TaiG, in fact, should be immaterial. That the TaiG app store contains pirated material, however, is another matter entirely. Now that jailbreaking is a business, people want to get paid, but not this way. “They do good work and I think they deserve money for it,” said Freeman.

This month’s posts:

About Ken May

Kenneth May is a certified cybersecurity professional. He and his team offer services such as Advanced Vulnerability Assessments, Network Penetration Testing, Web Application Penetration Testing, and a wide array of compliance services covering HIPAA, PCI, and the various NIST & DOD requirements. Ken is a Community mentor for SANS, the largest Cybersecurity certification preparation company in the world, and carries both the GSEC and GPEN (Certified Ethical Hacker and Penetration Tester) certifications. He has recently been accepted into the FBI’s Infragard program, as a recognized protector of critical national infrastructure. This program gives him deep access to information and resources to protect his clients.